top of page
light grey mark.png


The Department of Health and Human Services
Releases Voluntary Cybersecurity Performance
Goals for Healthcare

Chicago, IL, January 29, 2024 – Taken directly from last week's HHS press release dated January 24, 2024: 

“Today, the U.S. Department of Health and Human Services (HHS), through the Administration for Strategic Preparedness and Response (ASPR), is releasing voluntary health care specific cybersecurity performance goals (CPGs) and a new gateway website to help Health Care and Public Health (HPH) sector organizations implement these high-impact cybersecurity practices and ease access to the plethora of cybersecurity resources HHS and other federal partners offer.”


HHS is publishing the CPGs to help health care organizations, and health care delivery organizations in particular, prioritize implementation of high-impact cybersecurity practices. The HPH CPGs are designed to better protect the healthcare sector from cyberattacks, improve response when events occur, and minimize residual risk...”


Security Counsel would like to recognize Erik Decker, a Security Counsel company advisor, for his extensive collaboration and role on the government subcommittee that drafted this new guidance.  

These initial voluntary cybersecurity goals will go into effect immediately while the longer term enhanced goals will take some time to become official requirements. 

There is a significant amount of support being created by the federal government to help healthcare organizations achieve success, including a series of grants to help implement security programs.  

Security Counsel is well-prepared to help your organization fully understand and implement the initial goals and create an actionable plan to achieve longer-term goals as they become mandatory. 

Contact Security Counsel to discuss how these goals can affect your healthcare organization. 

bottom of page